Netlify
tcp/443
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
These documents detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd110b5863c1ec8f0c5479e8010479e8010479e8010479e8010
Public Swagger UI/API detected at path: /api-docs/swagger.json - sample paths:
GET /projects
GET /projects/{id}
Open service 35.157.26.135:443 · doracore.com
2026-01-09 22:30
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3
Cache-Control: public,max-age=0,must-revalidate
Cache-Status: "Netlify Edge"; hit
Content-Length: 855
Content-Type: text/html; charset=UTF-8
Date: Fri, 09 Jan 2026 22:30:48 GMT
Etag: "48332de23086cd5d133928ff480534f6-ssl"
Server: Netlify
Strict-Transport-Security: max-age=31536000
X-Nf-Request-Id: 01KEJE4EWN6J9TAXGP3FPYPFRQ
Connection: close
Page title: Dora Core
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Dora Core</title>
<meta name="description" content="Lovable Generated Project" />
<meta name="author" content="Lovable" />
<meta property="og:image" content="/og-image.png" />
<link rel="icon" type="image/ico" href="https://vapduzwgzrjumxrbnegb.supabase.co/storage/v1/object/public/favicon/favicon.ico" />
<script type="module" crossorigin src="/assets/index-DgDfZWr2.js"></script>
<link rel="stylesheet" crossorigin href="/assets/index-Cw568U3O.css">
</head>
<body>
<div id="root"></div>
<!-- IMPORTANT: DO NOT REMOVE THIS SCRIPT TAG OR THIS VERY COMMENT! -->
<script src="https://cdn.gpteng.co/gptengineer.js" type="module"></script>
</body>
</html>